Information Security Manager
Memphis, TN, United States
Job Title: Information Security Manager
Duration: Direct Hire
As the Information Security Manager, you will lead and manage their overall approach to data security and information protection. Plans, analyses, designs, configures, tests, implements, and maintains information security infrastructure responsive to business requirements and applicable regulations.
As the Information Security Manager, you will:
Develops and manages overall approach to data security and information protection
Align standards, frameworks and security with overall business and technology strategy
Design's security architecture elements to mitigate threats as they emerge
Audits the collection, use and retention of all personal data
Ensures all policies around data protection and information security are up to date and fit for purpose
Defines, implements, and maintains corporate security policies
Leads on the identification of data security and information protection risks across the organization and works with stakeholders to develop and implement mitigation plans, escalating issues as appropriate
Acts as a subject matter expert on data security for projects looking to implement new tools, products, or processes.
Supports the ISO and CPO to achieve the highest standards of information security across our network
Oversees maintenance of systems to protect data from unauthorized users
Develops and maintains process maps, which show how data flows through the organization
Leads and facilitates organizational training and communications around data security and information protection issues.
Oversee incident response planning as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary.
Implements measures to protect digital files and information systems against unauthorized access, modification, or destruction
Maintains data and monitor security access
Develops strategies to respond to and recover from a security breach
Coordinate's security plans with outside vendors
Develop or implement tools to assist in detection, prevention, and analysis of security threats
Develops modules and leads on awareness training on information security standards, policies, and best practices
Conducts periodic network scans to find any vulnerability
Manage and Mentor junior staff
Lead's attestation and certification activities
Lead disaster recovery exercises
Respond to client security questionnaires
Other duties commensurate with the post as required.
Qualifications: Degree in Information Technology, Computer Science, Software Engineering, or related field
Knowledge of Information Technology security issues and approaches to manage Information Technology security.
Knowledge of data protection operations and legislation
Knowledge of ISO27001 and SOCII controls and auditing processes
Experience required: Experience of identifying risks in data security management processes, developing, and implementing remedial action.
Excellent communication, influencing and stakeholder management skills
Experience of working across teams to deliver solutions and generate high levels of internal buy-in
Excellent project management skills and experience of leading on data security projects across multiple locations.
Experience of developing and delivering training.
Experience of developing and implementing data security policies and protocols.
Experience of working in a culturally diverse environment
Technical requirements:
Advanced technical knowledge and understanding of: Window OS, Windows Server, O365, Azure, AD, DHCP, DNS, VPN, Networking, Firewalls, Routers, VMware, Enterprise AV, Cyber Security, Encryption, DMARC, Endpoint Management
Desirable:
At least one recognized security certification: Certified Ethical Hacker (CEH)
CompTIA Security+
Certified Information System Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)